What is X-bash? A look at the all-in-one malware threat
What is X-Bash?
Researchers at Palo Alto Networks have named this new form of malware X-bash. They claim it combines a botnet, cryptocurrency mining software and ransomware in a single worm that specifically targets users of Linux and Windows.
Who created it?
What dangers does it pose?
The first point to note is X-bash’s botnet module. This is the prime method the malware utilizes to infect new Windows and Linux systems. It searches for unpatched security holes to get on to a server and can also brute-force several web servers.
It also contains a worm which, while it is said to be currently inactive, does have the ability to generate a list of IP addresses on the same network it has infected and test to see if ports are open.
Finally, X-bash also contains two modules which are used to extort money from the infected system’s user. The ransomware module attacks Linux servers: it looks for databases, destroys them and then leaves a ransom note which asks the user to pay a financial sum through an anonymous cryptocurrency payment. Similarly, X-bash contains a cryptominer which is deployed to Windows servers.
Worryingly, the team at Palo Alto Networks who discovered the threat have said that they have found no evidence that X-bash contains any capability to restore data, meaning that even if victims pay the ransom, it is unlikely they will ever have their data restored by the hackers.
How to protect your business
Businesses, organisations and individuals can protect their data by using strong passwords, keeping their patches up to date, using endpoint security on their systems, preventing access to unknown hosts on their servers and implementing a regular routine of data backups to prepare for the worst-case scenario.
Here at ECL we have extensive experience in protecting businesses against the latest malware, computer hacks, viruses, spam, phishing scams and other threats and can advise you on the best methods of protecting your business. We can also help businesses to update their systems to run the latest and most secure version of Windows available. For more information, please call us on 01268 575300 or email us on firstname.lastname@example.org.